TwinCAT/BSD Vulnerabilities at Beckhoff Put PLCs at Risk of Tampering, DoS Attacks

0
60
TwinCAT/BSD Vulnerabilities at Beckhoff Put PLCs at Risk of Tampering, DoS Attacks
TwinCAT/BSD Vulnerabilities at Beckhoff Put PLCs at Risk of Tampering, DoS Attacks

Several vulnerabilities in Beckhoff Automation’s TwinCAT/BSD industrial PC operating system have been discovered.

The TwinCAT/BSD operating system for industrial PCs from Beckhoff Automation has multiple vulnerabilities that Nozomi Networks, a cybersecurity company, has discovered and shared information about. TwinCAT/BSD is an open-source operating system that combines the TwinCAT runtime with FreeBSD. With TwinCAT, almost any PC-based system may be converted into a real-time controller with multi-PLC system functionality. Four vulnerabilities affect the Device Manager web-based management component that comes with the operating system and allows for remote configuration and monitoring of Beckhoff devices, according to Nozomi Networks.

Two of the vulnerabilities, identified as CVE-2024-41173 and CVE-2024-41174, are of “high severity,” meaning that they can be used to execute cross-site scripting attacks or circumvent authentication, respectively. Nozomi claims that a hacker can manipulate the PLC logic by taking advantage of CVE-2024-41173. One of the vulnerabilities found may be used by an attacker with restricted access to reset the PLC administrator’s password without requiring the original. This could possibly undermine the controlled industrial process by giving them the ability to use ordinary engineering tools to connect to the PLC with administrative access and reprogram the device as they see fit, according to the ICS cybersecurity firm.

The two remaining vulnerabilities, classified as “medium severity,” allow local attackers to initiate a PLC denial of service (DoS). Devices can be rendered inoperable, even remotely via the network, by an attacker with restricted access until a power reset is carried out.This could be used in conjunction with other methods of attacking the device. For example, a threat actor might use the previously mentioned PLC programming manipulation to start the industrial process disruption, then carry out this plan to block access to the device and any attempt to take control again, according to Nozomi. For every vulnerability, Beckhoff has provided alerts, patches, and mitigations.

Also readTop 3 Workforce Management Companies in India You Should Know

Do FollowCIO News LinkedIn Account | CIO News Facebook | CIO News Youtube | CIO News Twitter 

About us:

CIO News is the premier platform dedicated to delivering the latest news, updates, and insights from the CIO industry. As a trusted source in the technology and IT sector, we provide a comprehensive resource for executives and professionals seeking to stay informed and ahead of the curve. With a focus on cutting-edge developments and trends, CIO News serves as your go-to destination for staying abreast of the rapidly evolving landscape of technology and IT. Founded in June 2020, CIO News has rapidly evolved with ambitious growth plans to expand globally, targeting markets in the Middle East & Africa, ASEAN, USA, and the UK.

CIO News is a proprietary of Mercadeo Multiventures Pvt Ltd.